Architecture, Application Security

Phishing campaign spoofs emails from Costco, Home Depot

December 1, 2014

It's no surprise to discover that cybercriminals are leveraging the uptick in holiday shopping to further spread their malicious campaigns.

Researchers at ESET have caught on to a new phishing ruse where miscreants are spoofing emails to victims claiming to be from retailers Home Depot and Costco, attempting to lure them into submitting sensitive information, according to a recent blog post.

Both messages give readers clues regarding their authenticity. In the Home Depot email received, readers are asked to “Sing Up” for exclusive email savings, while the Costco message is extremely broad regarding a recently placed order whose recipient's personal information “coincides” with the reader's information.

Experts share that while the computers behind the ruse vary, they are located in the United States, South Africa and France, which lead them to believe the miscreants are leveraging “compromised email accounts.” 

prestitial ad